DarkFiber Consulting - IT Managed Services » Security Bulletin

Apple Releases Security Update 2010-004 and Mac OS X v10.6.4

DarkFiber Consulting — Wed, 23 Jun 2010 18:43:57 +0000

Apple has released Security Update 2010-004 and Mac OS X v10.6.4 to address multiple vulnerabilities that affect a number of applications. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, operate with elevated privileges, conduct man-in-the-middle attacks, alter configuration settings, or conduct cross-site scripting attacks.

Note that these Apple updates include Adobe Flash Player plugin version 10.0.45.2, which contains vulnerabilities previously identified in Adobe Security Bulletin APSB10-14. The Adobe Product Security Incident Response Team (PSIRT) has published a blog entry recommending that Mac OS X users upgrade to the latest version of the Flash Player (version 10.1.53.64) after applying these Apple updates.

DarkFiber Consulting encourages users and administrators to review Apple Article HT4188 and the Adobe PSIRT blog entry and apply any necessary updates to help mitigate the risks.

Tags: Adobe Flash Player, Adobe Product, Apple Article, Apple Updates, Arbitrary Code, Attacker, Blog Entry, Configuration Settings, Cross Site Scripting, Denial Of Service, Flash Player Plugin, Flash Player Version, Incident Response Team, Mac Os X, Necessary Updates, Product Security, Psirt, Security Bulletin, Security Incident Response, Vulnerabilities

Adobe Releases Flash 10.1

DarkFiber Consulting — Wed, 23 Jun 2010 18:43:56 +0000

Adobe has released a Security Bulletin to address vulnerabilities in Adobe Flash Player 10.0.45.2 and earlier versions and in Adobe AIR 1.5.3.9130 and earlier versions. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Adobe Security Bulletin APSB10-14 and to update to Adobe Flash Player 10.1 to help mitigate the risks.

Tags: Address, Adobe 5, Adobe Flash Player, Adobe Flash Player 10, Adobe Help, Air 1, Arbitrary Code, Attacker, Denial Of Service, Flash Help, Flash Player 10, Security Bulletin, Vulnerabilities

Adobe Releases a Security Update for Download Manager

DarkFiber Consulting — Mon, 01 Mar 2010 21:14:03 +0000

Adobe has released a security bulletin to address a vulnerability in the Adobe Download Manager. This vulnerability could allow an attacker to download and install unauthorized software.

DarkFiber Consulting encourages users and administrators to review security bulletin APSB10-08 and review the steps to mitigate the issue.

Tags: Address, Adobe Download Manager, Adobe Update, Attacker, Download Adobe, Security Bulletin, Security Manager, Unauthorized Software, Vulnerability

Microsoft Releases Advance Notification for February Security Bulletin

DarkFiber Consulting — Mon, 01 Mar 2010 21:13:59 +0000

Microsoft has issued a Security Bulletin Advance Notification, indicating that its February release cycle will contain 13 bulletins. Five of them will have a severity rating of Critical and will be for Microsoft Windows. The remaining eight bulletins have an Important rating and are for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, February 9, 2010.

DarkFiber Consulting will provide additional information as it becomes available.

Tags: Advance Notification, Bulletins, Microsoft, Microsoft Office, Microsoft Security, Microsoft Windows, Security Bulletin, Severity Rating, Windows Microsoft

Adobe Releases Shockwave Player Update

DarkFiber Consulting — Thu, 28 Jan 2010 02:08:45 +0000

Adobe has released an update for Shockwave Player to address multiple vulnerabilities. These vulnerabilities affect Adobe Shockwave Player 11.5.2.602 and earlier versions for Windows and Macintosh. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code.

DarkFiber Consulting encourages users and administrators to review Adobe Security Bulletin APSB10-03 and apply any necessary updates to help mitigate the risks.

Tags: Address, Adobe 5, Adobe Shockwave Player, Adobe Update, Arbitrary Code, Attacker, Macintosh, Necessary Updates, Security Bulletin

Adobe Releases Update for Adobe Reader and Acrobat

DarkFiber Consulting — Thu, 28 Jan 2010 02:08:43 +0000

Adobe has released an update for Reader and Acrobat to address multiple vulnerabilities. These vulnerabilities affect Adobe Reader 9.2 and earlier versions for Windows, Macintosh, and UNIX and Adobe Acrobat 9.2 and earlier versions for Windows and Macintosh. Exploitation of these vulnerabilities may allow an attacker to execute arbitrary code or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Adobe Security Bulletin APBS10-02 and apply any necessary updates to help mitigate the risks.

Tags: Acrobat Adobe, Address, Adobe Acrobat, Adobe Reader, Adobe Update, Arbitrary Code, Attacker, Denial Of Service, Macintosh, Necessary Updates, Reader Acrobat, Security Bulletin, Unix

Adobe Releases Security Updates for Flash Player and AIR

DarkFiber Consulting — Thu, 10 Dec 2009 18:49:53 +0000

Adobe has released a security bulletin to address multiple vulnerabilities in Adobe Flash Player 10.0.32.18 and earlier and Adobe AIR1.5.2 and earlier. These vulnerabilities may allow an attacker to execute arbitrary code, cause a denial-of-service condition, or obtain sensitive information.

DarkFiber Consulting encourages users and administrators to review Adobe security bulletin APSB09-19 and update to Adobe Flash Player 10.0.42.34 and Adobe AIR 1.5.3.

Tags: Address, Adobe 5, Adobe Flash Player, Adobe Flash Player 10, Adobe Updates, Air 1, Air1, Arbitrary Code, Attacker, Denial Of Service, Flash 32, Flash Player 10, Security Bulletin, Security Updates, Vulnerabilities

Microsoft Releases Advance Notification for December Security Bulletin

DarkFiber Consulting — Thu, 10 Dec 2009 18:49:49 +0000

Microsoft has issued a Security Bulletin Advance Notification indicating that its December release cycle will contain six bulletins, three of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Microsoft Office, and Internet Explorer. There will also be three important bulletins for Microsoft Windows and Microsoft Office. Release of these bulletins is scheduled for Tuesday, December 8.

DarkFiber Consulting will provide additional information as it becomes available.

Tags: Advance Notification, Amp Nbsp, Bulletins, December 8, Internet Explorer, Microsoft, Microsoft Internet, Microsoft Office, Microsoft Security, Microsoft Windows, Security Bulletin, Severity Rating, Windows Microsoft

Adobe Releases Security Bulletin for Adobe Reader and Acrobat

DarkFiber Consulting — Wed, 14 Oct 2009 10:06:56 +0000

Adobe has republished security bulletin APSB09-015 to address multiple vulnerabilities in Adobe Reader and Acrobat. These vulnerabilities may allow an attacker to execute arbitrary code, escalate local privileges, or cause a denial-of-service condition.

DarkFiber Consulting encourages users and administrators to review Adobe security bulletin APSB09-015 and apply any necessary updates.

Tags: Acrobat Adobe, Acrobat Security, Adobe Acrobat, Adobe Reader, Arbitrary Code, Attacker, Denial Of Service, Necessary Updates, Privileges, Reader Acrobat, Security Bulletin, Vulnerabilities

Microsoft Releases Advance Notification for October Security Bulletin

DarkFiber Consulting — Wed, 14 Oct 2009 10:06:55 +0000

Microsoft has issued a Security Bulletin Advance Notification indicating that its October release cycle will contain thirteen bulletins, eight of which will have a severity rating of Critical. The notification states that these Critical bulletins are for Microsoft Windows, Internet Explorer, Office, Silverlight, SQL Server, Developer Tools, and Forefront. There will also be five important bulletins for Microsoft Windows. Release of these bulletins is scheduled for Tuesday, October 13.

DarkFiber Consulting will provide additional information as it becomes available.

Tags: Advance Notification, Bulletins, Developer Tools, Forefront, Internet Explorer, Microsoft, Microsoft Explorer, Microsoft Internet, Microsoft Security, Microsoft Windows, Security Bulletin, Server Developer, Severity Rating, Tuesday October, Windows Explorer, Windows Internet